assemblyai
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the ingestion of external audio transcript data.
  - Ingestion points: Transcript data retrieved via actions like get-transcript, get-paragraphs, and search-words as described in SKILL.md.
  - Boundary markers: Absent; transcript content is processed as raw text without delimiters or instructions to ignore embedded commands.
  - Capability inventory: The agent uses the membrane CLI to execute actions and proxy API requests.
  - Sanitization: No explicit validation or sanitization of the transcript content is implemented before processing.
- [EXTERNAL_DOWNLOADS]: Installs the @membranehq/cli tool from the npm registry to enable interaction with the Membrane platform.
Audit Metadata